The Threat Intelligence Service aggregates threat indicators from multiple online sources, according to a prepared statement. It applies machine algorithms to remove false-positive alerts and suspicious IP addresses, blacklisted IP addresses and other potential indicators of compromise (IoCs).

Security analysts can leverage the Threat Intelligence Service to add risk to a session in the Exabeam Advanced Analytics user and entity behavior analytics (UEBA) solution when an IoC is involved in a user timeline, the company said. They also can use a threat indicator to automate an investigation playbook in the Exabeam Incident Responder solution or trigger an alert via a rule in the Exabeam Data Lake log management tool.

The Threat Intelligence Service will be integrated into the Exabeam Security Management Platform and available at no additional charge to customers with a current Exabeam subscription. Furthermore, the service can be used in conjunction with on-premises and hybrid and public cloud Exabeam deployments.

Exabeam Adds Case Management Module to Its UEBA Solutions

In addition to its Threat Intelligence Service announcement, Exabeam this week integrated case management functionality into the Exabeam Advanced Analytics and Exabeam Entity Analytics UEBA solutions.

Exabeam Case Management offers threat intelligence to help security analysts speed up incident response, according to the company. It includes a customizable user interface designed for security teams’ workflows and leverages machine learning to provide users with relevant fields, values and data for different types of incidents.

Incident Cards: Offers graphical cards on each security analyst’s Exabeam home page that show active incidents prioritized by severity and automates the creation of tickets based on incidents with a high risk score.

Workflow Management: Enables security analysts to see incidents and request a merge or escalation as needed.

Exabeam Case Management is in beta testing, and it is expected to be released next month.